The People Factor in Cyber Breach

Without a change in perspective, we risk losing the cyber war being waged on businesses by sophisticated
nation states and criminal organizations. Traditional approaches to evaluating risks and controls
are insufficient to prevent cyber-attacks.

Risk assessments focusing on the people, processes andtechnology overemphasize the information technology organization. The critical focus needs to be on the“user”--since even a world-class information technology function can be interrupted by a single actionperformed by an individual user. Internal audit needs a fresh perspective that emphasizes the individualuser--who is the front line of cyber readiness--in addition to any administrative, physical and technicalcontrols.

Risk assessments focusing on the people, processes and technology overemphasize the information technology organization. The critical focus needs to be on the“user”--since even a world-class information technology function can be interrupted by a single action performed by an individual user. Internal audit needs a fresh perspective that emphasizes the individual user--who is the front line of cyber readiness--in addition to any administrative, physical and technical controls.

Downloads

Share